requests: number of requests that have been processed by the filter node.

attacks: number of recorded attacks.

blocked: number of blocked requests.

abnormal: number of requests abnormal for the application.

requests_lost: number of requests that were not analyzed in a post-analytics module and transferred to API. For these requests, blocking parameters were applied (i.e. malicious requests were blocked if the system was operating in blocking mode), however, data on these events is not visible in the UI. This is only used when Wallarm Node works with a local post analytics module.

tnt_errors: number of requests not analyzed by a post-analytics module. For these requests, the reasons of blocking are recorded, but the requests themselves are not counted in statistics and behavior checks.

api_errors: * The number of requests that were not submitted to the API for further analysis. For these requests, blocking parameters were applied (i.e., malicious requests were blocked if the system was operating in blocking mode), however, data on these events is not visible in the UI. This is only used when Wallarm Node works with a local post analytics module.

segfaults: number of issues that led to the emergency termination of the worker process.

memfaults: number of issues when the virtual memory limits were reached.

requests: number of requests that have been processed by the filter node.

attacks: number of recorded attacks.

blocked: number of blocked requests.

abnormal: number of requests abnormal for the application.

requests_lost: number of requests that were not analyzed in a post-analytics module and transferred to API. For these requests, blocking parameters were applied (i.e. malicious requests were blocked if the system was operating in blocking mode), however, data on these events is not visible in the UI. This is only used when Wallarm Node works with a local post analytics module.

tnt_errors: number of requests not analyzed by a post-analytics module. For these requests, the reasons of blocking are recorded, but the requests themselves are not counted in statistics and behavior checks.

api_errors: * The number of requests that were not submitted to the API for further analysis. For these requests, blocking parameters were applied (i.e., malicious requests were blocked if the system was operating in blocking mode), however, data on these events is not visible in the UI. This is only used when Wallarm Node works with a local post analytics module.

segfaults: number of issues that led to the emergency termination of the worker process.

memfaults: number of issues when the virtual memory limits were reached.

fallback: number of the proton.db + LOM pair loaded from the last saved files.

failed: number of the proton.db + LOM pairs that were not initialized and run in the "do not analyze" mode.

stalled_workers_count: the quantity of the workers that exceeded the time limit for request processing (the limit is set in the wallarm_process_time_limit directive).

stalled_workers: the list of the workers that exceeded the time limit for request processing (the limit is set in the wallarm_process_time_limit directive) and the amount of time spent on request processing.

2. Run a Test Attack

To check if Wallarm correctly detects attacks, send an invalid request to the
protected resource.